Free Microsoft Security Tools

When it comes to computer and online security, Microsoft Windows is often portrayed as the problem rather than the solution. But don’t get the idea that Microsoft doesn’t care about security. In fact, Microsoft publishes several free and effective security tools for home and professional users. Try some of these to see if your currently installed security software is doing everything it should to protect you...

Beyond Anti-Virus: Try These Free Microsoft Security Tools

News of security breaches frequently mention a “vulnerability in Windows.” The fact is that any software is vulnerable to hacking; it just so happens that Windows is the most popular target because it’s the biggest.

Are you sure your Windows system is correctly configured, has all the latest security patches, and that your anti-virus software is adequately protecting you?

Here are several free tools from Microsoft that you can use to find out.

Microsoft's Malicious Software Removal Tool scans for and removes malware after finding it. However, its signature database includes only the most prevalent threats. It would be a good idea to run Microsoft Safety Scanner (see below) after MSRT for greater assurance that you haven’t missed anything.

If you use Windows Update (and you should!) there's really no need to download the MSRT, because Windows Update will do so automatically. But you can download and run it at any time if you suspect a problem.

Microsoft Safety Scanner is a good, quick way to check for known malware on your computer. It includes a malware signature database of known threats and a barebones program that searches your files for matches. Options include a quick scan of disk areas where malware is deposited most often; a full scan of entire drives; or a targeted scan of user-selected folders.

During the download, you have the option to run the tool right away, or save it to a flash drive or CD for use on another computer. To ensure that you use the most recent malware signature database, MSS expires every ten days and must be downloaded again. Because it's a rather large download (over 90MB), I recommend using Microsoft Safety Scanner only if you suspect that your existing anti-malware program has failed to catch or remove a problem. It can also be run every few months to double-check your antimalware program's effectiveness.

The Microsoft Malware Prevention Troubleshooter goes by the short name, “FixIt.” This utility turns on Windows Firewall; Automatic Update (so you automatically receive and install critical security updates); Pop-Up Blocker in Internet Explorer; and User Account Control. Note that many users disable some or all of these features deliberately, either relying on third-party firewalls and other protections or simply preferring not to be bothered by UAC.

FixIt also enables features that check for active anti-malware software and nag you if you don’t have any installed; stops the Remote Registry service if it is active, preventing hackers from modifying your registry settings; monitors Internet Explorer to make sure it is up to date and privacy/security settings are tight; and resets your proxy settings to ensure a normal browsing experience if malicious software has hijacked them.

The Enhanced Mitigation Experience Toolkit makes malware’s attacks more difficult by protecting certain operating system features that must be circumvented before vulnerabilities in Windows can be exploited. It will also "harden" the defenses of certain programs that are commonly used as attack vectors, such as Internet Explorer, Microsoft Office, Adobe Reader and Java.

In addition, it tightens the rules for verifying the identity of popular online services such as Twitter, Facebook and Yahoo. EMET supports Windows 7 or 8, Windows Vista, Windows Server 2003, and the Home or Premium edition of Windows XP.

Microsoft Baseline Security Analyzer scans local and remote computers to see if they have the latest Microsoft security updates for Windows or MS Office and whether there are any security misconfigurations that leave the door open for malware or hacking. Some things the MBSA looks for are missing security updates, weak account passwords, and misconfigured firewalls.

The Microsoft website says the MBSA is a tool for IT professionals and system administrators, but don't let that scare you away. If you're a typical home computer user, then you ARE the system administrator. You will need to know in advance if you have a 32-bit or 64-bit version of Windows, and then select the corresponding download. Note that the program doesn't automatically run after the download. You'll need to find the downloaded program and then launch MBSA. After it runs, MBSA will display a report of any problems found, with links to remedy them.

Windows Defender Offline is a tool that's fundamentally different from all of the ones I've mentioned here so far. The difference is that it doesn't run while Windows is active. it's a standalone program that runs from a bootable disk. WDO will boot up a bare-bones environment in which neither the Windows operating system nor viruses can activate. It then scans your hard drive for malware, and will remove any if found.

If your system is so badly fouled up that you can't even download or run a malware scanner, or if you cannot boot Windows because of a malware infection, then WDO is a handy tool to get back to good.

What About My AntiVirus Program?

To be clear, I'm not recommending that you use any of these tools instead of your current anti-virus program. Consider the tools listed here as an extra layer of defense against malware. Use them as a "peace of mind" scan to check for cyber-nasties that can sometimes creep in undetected.

No anti-virus program is going to protect against 100% of all threats 100% of the time. The reason for this is that new viruses are being created all the time, and viruses can morph (change their identifying characteristics) and attack before your antivirus program is updated. It's also possible in some cases for a virus to disable your antivirus protection.

I'm sure many people reading this will be wondering why I didn't mention the obvious -- Microsoft's free Microsoft Security Essentials antivirus program. The short answer is that I don't recommend it. The long answer is in my article Microsoft Security Essentials: EPIC FAIL.

Most recent comments on "Free Microsoft Security Tools"

Posted by:
Carole
20 Jan 2014

Thank you very much for posting all this information on how to keep a computer safe.

Posted by:
Sheri
20 Jan 2014

I've read that malware etc. targets Windows systems rather than Apple systems for the simple reason that there are millions more Windows systems in use worldwide than there are Apple Macs. And to all the Mac owners who disrespect Windows, siting Windows security problems and the need for constant updates and patches etc., they need to remember that Apple Mac cost 3-4 times as much Windows desktops and laptops, which is precisely why most average users choose them. And for the hefty price of a Mac system, I would expect Apple to keep it secure and trouble free!

Having said that, I still think that Microsoft could make Windows systems a bit more secure - without the end user having to find out how to close some of the security holes themselves. Because a lot of casual users simply don't have the time or inclination to search for tech articles like this, let alone read them and put their advice into action.

Posted by:
Stephen - NYC
20 Jan 2014

One reason for the lack of security in Windows (at least XP and previous versions) is that Microsoft decided to allow for backwards compatibility to those previous versions. If MS had said at some point years ago that going forward, you'd have to upgrade (like they are doing now with XP losing security updates) or your programs would not work, then they could have made subsequent versions of Windows more secure than they have been.
Remember, the P in PC stands for Personal. Back then the biggest problem was someone coming to your desktop and copying files directly from it. The concept of a network didn't really exist for most people. Not counting the sneaker protocol that is.

Posted by:
Ben
20 Jan 2014

Thank you for all your advice Bob. I didn't know that you don't recommend MSE. How do you feel about Windows Defender with Windows 8?

EDITOR'S NOTE: It's the same product, just renamed.

Posted by:
Joe
20 Jan 2014

Thank you Bob, I use System Mechanic and it's the best I ever used I use MSE on my tablet and it does a good job for it but I don't take chances going on stupid website if you know what I mean. It's a shame because I would drop my paid version for Microsoft but I guess that's not going to happen anytime soon

Posted by:
HLSinker
20 Jan 2014

This was a great article, I've some of the mentioned tools but was glad to see the others will, will try them out.
again, thanks alot.

Posted by:
Billy Ross
20 Jan 2014

Thanks once again Bob for some valuable information.
As a typical home user, I have been using Microsoft Security Essentials for many years, mainly because I'm never sure what other security tool or tools may be best to use.

I get the impression that I'd be better off using a combination of two or three separate tools to give good security cover? With this thought in mind and, considering ditching Microsoft Security Essentials, which two or three would be best?

If I used Microsoft Malware Prevention Troubleshooter, along with the Enhanced Mitigation Experience Toolkit,is that going to be sufficient IF I include an Anti-Virus Program?

You have most likely suggested 'best' combinations of these in the past, appreciate any more up-to-date suggestions.

EDITOR'S NOTE: I recommend a free anti-virus and occasional scans with MBAM. Adding MMPT and EMET (which are both one-time things) is a bonus.

Posted by:
Catherine
20 Jan 2014

My computer froze up after the latest Microsoft security update. This has never happened before and I'm not sure what to do. Any suggestions? Thank you.

Posted by:
James Casas
21 Jan 2014

I've been using Microsoft's Security Essentials for over a year now and I'm happy with it. As far as I'm concerned, it's still better than the free antivirus programs available.

Posted by:
Catherine
21 Jan 2014

Hi me again...I have been reading everything on this, all day today....I am bleary eyed and really tired but what I keep seeing over and over is a problem with Avast and these latest updates. Should I uninstall Avast to let these "critical" updates through? Boy oh boy I sure hope I can get some help here! Thank you.

EDITOR'S NOTE: It's worth a try. You could also use System Restore to roll back the recent changes.

Posted by:
Mac 'n' Cheese
21 Jan 2014

Great article, Bob.

The Enhanced Mitigation Experience Toolkit is different from the other programs listed: It comes with a 42-page user manual I found to be incomprehensible, and a graphical user interface that was no better.

I have no idea how to run this program. :-(

Posted by:
Sheri
02 Feb 2014

@Mac'n'Cheese. See page 42 of the manual, which explains that you can use EMET's configuration wizard, which automatically applies the recommended settings:-) That is all I use and although more knowledgeable users may be able to configure it right down to the nth degree, I believe that just using the recommended settings has got to be better than using nothing!

Posted by:
james
02 Feb 2014

Bob,
as usual a good article and excellent to open people's eyes. But as I read the comments I see most people are confused (including me) with the programs you mention and HOW TO USE THEM! I would think a little more info towards their use, when to use and combinations recommended would have been very helpful. You normally provide this additional info or a link to it.

I also noticed that Catherine posted she is having problem with Avast and wondering if she should remove? You state it would be good to try after you have recommended this program highly in your other articles and I have been using very successfully since I saw your high recommendation. Again its all confusing and some users are mixing these programs, not knowing any better, with terrible results. Perhaps you would consider a follow up article providing more information as to the use of these programs.

It seems to me, based on your info, that some of them all they do is make sure windows is updated, the firewall is turned on etc. something that is easy for the users to do using CONTROL PANEL.

Posted by:
David W
03 Feb 2014

I was a system builder for almost 20 years. I've removed many different types of malware from many PCs. Not once have I seen a Microsoft security program identify malware, let alone remove anything. The best defense is an image backup system, as no anti-virus or anti-spyware program (free or paid) can totally protect you. You need both anti-virus and anti-spyware to have decent protection, but I can't emphasize strongly enough that nothing is fool proof. Malwarebytes is a very good anti-spyware/malware program, but the free version only scans for infections after the fact and you must remember to update it manually. Pay the (lifetime) fee for Pro with active protection, scheduled scans, and automatic scheduled updates. As for removal, any anti-virus that doesn't require a reboot during the process isn't removing much. Avast (free or paid versions) include a boot scanner which I've found to be very good. I feel sorry for anyone relying solely upon Microsoft products for protection. You might as well have no malware protection at all.

Posted by:
kay
04 Feb 2014

How do I get rid of pup ups everytime I visit a website this all of a sudden started today thanks kay

Posted by:
Stuart
11 Jan 2015

I installed Slim cleaner at the recommendation of PC Pitstop. When I went to uninstall it (they wanted money after advertising it as free) I was told the system administrator had set policies to prevent this. I am the administrator and had done nothing. How do I get to be administrator again ?
Thanks
EDITOR'S NOTE: I would try System Restore to return your computer to the state it was in before you installed SlimCleaner.

Post your Comments, Questions or Suggestions

* Name:
* Email:
(* = Required field)

(Your email address will not be published)

Comments: (you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.